Glossary

A

Access Control

Access control is a way of limiting access to computing resources, thereby reducing the risk of attacks, data breaches or other technology issues. Access control can limit the people, roles, networks, and systems that have access to particular types of technology, computing systems, applications, or datasets.

Adware

Adware is a type of software that shows paid advertisements to users, either in its own interface, through integration with other software, or in separate windows or GUI elements. Adware can be legitimately installed as a way to generate revenue, or it can be unintentionally or maliciously installed as malware on a computer.

Agent

Application Gateway

An application gateway, also known as an application level gateway is a special type of security technology. It runs on a firewall and protects a network from unauthorized or illegal traffic. It does this through filtering and controlling the type of traffic that is allowed through the application gateway and into the web application, service, or website itself.

Artificial Intelligence

Attacker

An attacker is an individual or organization that carries out a cyberattack on a target with the intent of damaging, stealing, destroying, exposing, accessing, or otherwise modifying secure or sensitive information or systems.

Authentication

Authentication is used by computer systems and applications to check that a user or other application is who they claim to be, and can access the system and its data. If a user positively authenticates themselves, they are then granted access to the application and data.

B

Backdoor

A backdoor is a way to access computer systems, software, or data without having to go through standard authorization and login processes. Although backdoors are sometimes created by developers for building and testing, they are easily exploited by attackers to gain unauthorized access.

Blacklist

A blacklist is a security feature that denies access to a system if the way the system is accessed is identical to the blacklist criteria. Blacklists are used to exclude certain types of access to sensitive data, systems, websites, or applications.

Botnet

A botnet is a collection of compromised computers and other devices that can be used by hackers, criminals, and bad actors to carry out attacks on websites, devices, and technology across open, public networks. They recruit unprotected devices into a botnet network using trojans and malware and then exploit botnet machines to attack other internet resources.

Breach

A breach, or data breach, is damage caused by unauthorized access to your computer systems, software, or data that results in the exposure of sensitive information. A data breach can cause significant financial and reputational damage.

Buffer Overflow

A buffer overflow is a special type of attack on a computer system. The attacker tries to write specific data into a particular part of the memory in an application or infrastructure. A fixed length of memory is known as a “buffer” and without proper precautions, extra data may overflow and provide access to other parts of the application, allowing the system to be compromised.

C

Carding

Carding is the theft of credit and debit card information for fraudulent purposes. Hackers will typically steal credit card numbers, expiration dates, and card security codes (CSC / CVV numbers) and either sell the information on to other criminals or use it to make fraudulent purchases and chargebacks.

Confidentiality

Confidentiality is an approach used to give authorized users access to sensitive data in accordance with business and role-based needs. It can also relate to the various methods used to ensure confidentiality against unauthorized users.

Cross-Site Scripting

Cross-site scripting is a type of vulnerability most often found in online web applications. The vulnerability allows hackers to exploit weaknesses in website code so that they can inject client-side scripts and malware into web pages when they are viewed by others.

D

Data Loss Prevention

Data loss prevention (DLP) reduces the risk that employees, third parties, or others will share sensitive information outside of an organization’s network. It helps to prevent the loss, misuse, or unauthorized access of confidential data that could compromise an organization, its employees, or its customers.

Defense in Depth

Defense in depth is a way of approaching cybersecurity that relies on layering defenses on top of each other. These various layers act as failsafe mechanisms, so if one is breached by a hacker, another layer of defense can attempt to stop the attack.

Denial of Service

A Denial of Service (DOS) attack is a technique used by attackers to prevent legitimate users from accessing a website, application, data, or other services. This is commonly achieved by making multiple “false” requests to a web server or application. The number of these requests overloads the capacity of the targeted system, meaning it has no resources to serve legitimate users.

E

Encryption

Encryption is the process of making data more secure by using an algorithm to encrypt the data so it cannot be accessed, read, or used without a corresponding decryption key. Encryption is used to protect sensitive information.

Endpoint

An endpoint device is a device used to access a computer network. The device must be internet-capable and typically uses a TCP/IP protocol to send and receive data. Endpoint devices include desktop computers, laptops, tablets, smartphones, IoT devices, printers, and any other technology that can access an internet or organization’s network.

Endpoint Security

Endpoint security protects an organization’s network when it is accessed by remote and mobile devices. When a remote device connects to the network, it can become a potential attack vector and introduce threats to the network. Endpoint security aims to reduce the risk of this happening through a combination of policies and security tools.

Exploit

An exploit is a way for a criminal or hacker to gain access to, or take advantage of, a vulnerability or flaw in a computer system. Exploits can be entered through specialized software, as manual commands, or by using data chunks and other techniques. An exploit will typically be followed up with data theft or other damage to an organization’s data and IT systems.

F

Fingerprinting

Fingerprinting is a type of biometric technology, where someone who wants to access a sensitive system has their fingerprints recorded. Then, when they need to access the system, their fingerprints are scanned. Assuming a positive match, this is then combined with other login information to grant access.

Firewall

A firewall is a type of technology that enforces rules on the type of data that can be transmitted into or out of a particular computer system or IT network. It is an early line of defense against unauthorized access to sensitive computer systems.

Footprinting

Footprinting is a technique that hackers and criminals use to find out about the specific environment or IT ecosystem a potentially vulnerable system operates in. This makes it easier for them to intrude into the system so they can steal data or cause other issues.

H

HTTPS

HyperText Transport Protocol Secure (HTTPS) is a communication protocol used to access information from a secure web server. HTTPS uses strong encryption to prevent others from reading or hijacking data when it is in transit between a secure web server and a browser.

Hash DoS Attack

A Hash Denial of Service (DoS) attack is a specialized type of exploit that takes advantage of a specific “hashing algorithm” that’s in common use across many software libraries, programming languages, and applications. When the attack is launched, it sends a specific type of command to the software service which ties it up processing large amounts of complex data. This results in a lack of capacity to process legitimate requests, effectively shutting the service down.

I

Identity Management

Identity and access management is a security discipline that ensures only credentialed, authorized, authenticated users can access, manage, and use the technology, software, systems, and data in your business.

Information Security

Information Security, also known as InfoSec or IS is a security discipline that ensures the protection, confidentiality, availability, and integrity of computer data. IS prevents the unauthorized use of data, specifically in regard to access, use, sharing, transmission, disclosure, disruption, modification, inspection, recording, or destruction.

Integrity

Computer system and data integrity relates to the methods and approaches used to protect data and systems from unauthorized access, and to ensure that any data is real, accurate, consistent, and valid across its entire lifecycle.

K

Key

A key, typically a network security key, is a series of numbers and characters that users, devices, apps, and infrastructure use to get legitimate access to a computer network. This ensures that only authentic people, processes, and technology can gain access.

L

Live Scan

Live Scan is a technological term used in the cybersecurity and biometric industries to state that the collection and storage of fingerprints and biometric data meets a certain standard, as defined by the FBI. Ideally, biometric scanners should meet these standards to provide proper security and authentication.

Load Balancing

Malware is a type of malicious software that criminals use to gain access to computer systems, applications, and data. Malware comes in many varieties but is mainly designed to steal information and extort businesses for financial gain.

M

Malware

Malware is a type of malicious software that criminals use to gain access to computer systems, applications, and data. Malware comes in many varieties but is mainly designed to steal information and extort businesses for financial gain.

Managed Service Provider

A Managed Service Provider (MSP) provides a range of fully-managed technology services on behalf of a client. MSPs bill for services based on a subscription model that takes into account the range of services required, how much support is likely to be needed, the length of the contract, and various other factors. MSPs are often used because an organization doesn’t have the resources or expertise to provide these services in house.

Mitigation

Mitigation is the term for the various methods and techniques that security experts and others can use to minimize the risk of IT failure, data theft, and other activities that compromise data, systems, and applications.

Mobile Device Management

Mobile device management (MDM) is a type of security system that allows an organization to manage how mobile devices can access their technology, systems, and information. MDM can be used across multiple types of mobile devices, including various form factors, operating systems, and devices, whether they are issued by the organization itself, or an employee’s personal device used under a “Bring Your Own Device (BYOD)” approach.

N

Network Access Control

Network access control (NAC) is a cybersecurity policy and technology that restricts what a specific device can do on an organization’s network. NAC limits network resources to devices, based on security rules, helping to prevent unauthorized access and protecting systems and data.

O

Office 365 Sign On

MS Office 365 Sign On can refer to how users get access to various Office 365 applications and data. It can also refer to the various techniques that are used to protect Office 365 accounts and data from unauthorized access.

P

Palm Scanner

A palm scanner recognizes unique features in an individual’s hand. It then uses this information to create a baseline of an authentic user and can then compare this to future access attempts by the same user to ensure palm scans match before providing access. Palm scanners can also be used to enforce security at ports of entry and other sensitive locations.

Patch

A patch is a fix that is applied to software, firmware, middleware, infrastructure, and other IT areas to improve or repair specific IT elements. In security terms, a patch is most often applied to remove vulnerabilities that could be exploited by criminals.

Penetration Testing

Penetration testing is a way for companies to check their networks, systems, applications, and infrastructure for possible security vulnerabilities. A penetration testing team uses similar tools and techniques to those used by criminals and hackers to attempt to gain access to a corporation’s technology. They will then report back on gaps in security so that risks and issues can be resolved.

Phishing

Phishing is an attack method used by hackers and criminals to get unwitting people to enter sensitive information and login details into a fraudulent website. Attackers typically use electronic communications like emails to influence people to enter details into their fraudulent websites.

Point of Sale

Point of Sale (POS) are software and systems that help a business to sell products and services to customers. POS systems will often integrate with other parts of the business to maximize revenue. POS systems can be vulnerable to employee fraud and theft.

Proxy

A proxy is a type of internet service that acts as an intermediary when transmitting and receiving information between users and services. A proxy server can protect the user’s identity or make it appear as if they are accessing data from a different IP address.

Real-Time Streaming Protocol (RTSP)

Real-time streaming protocol is a way of managing the provision of media content to a device over the internet. It provides real-time media functionality between servers and client devices and allows for time-synchronized audio and video content. The protocol does not stream the media itself, rather it communicates with the server providing the data on the end user and device needs.

Reverse Proxy

A reverse proxy is a technology that works with an organization’s web servers and websites. The reverse proxy forwards requests made by a user’s browser to relevant web servers. This helps to balance loads and responsiveness and provides additional security and reliability.

Root

A “root” account is a special account on a computer system or network that provides privileged, superuser access and functions to special users. It is often targeted by hackers and malware using tools like a “rootkit.”

S

Scraping

Data scraping allows a computer program to extract information from human-readable output, most often created by another computer program. Data scraping can be used on websites, software applications, and other areas.

Security Assertion Markup Language

Security Token

A security token is a device used in two-factor or multifactor authentication to authenticate a user and authorize them to access an organization’s network, systems, and data. A security token is often used alongside other security measures to grant access.

Sniffing

Sniffing is a way to trace, intercept, and read data as it is being transmitted over public networks like the internet. It is used by developers and security experts to identify issues and optimize data transfer and by criminals and other bad actors to steal data and gain unauthorized access to computer systems.

Social Engineering

Social engineering is a way to attack computer software, systems, and information through manipulating employees, third parties, and other people and groups. Social engineering attempts to convince unwitting victims to provide authorized access to hackers through the use of trickery and scams.

Spyware

Spyware is a type of malicious software (malware) that criminals use to steal information about computer systems, applications, and data. Spyware is mainly designed to gain access to sensitive data and systems so that information can be used for financial gain.

SQL Injection

An SQL Injection is a type of attack on a computer system. It injects “bad” code into a database in an attempt to manipulate the database, expose sensitive information, or otherwise disrupt business operations.

T

Trojan Horse

A Trojan Horse is a specific type of malware that misleads users about what it will do. It initially appears harmless, but once it infects a system, it releases a payload that may cause operational harm or expose sensitive data.

Two Factor Authentication

Two Factor Authentication is a way to verify the identities of users through a combination of passwords, logins, and another authentication factor. If a user positively authenticates themselves through two factor authentication, they are then granted access to the application and data.

U

User Accounts

A user account is a way for an individual to connect with a particular service, system, or computer network. User accounts help to identify individuals within the network and provide certain access levels and privileges, depending on what the account is intended to do.

V

Vulnerability

Vulnerability Scanning

Vulnerability scanning is a security process that uses specialized software to scan an organization’s network, systems, software, and other assets for potential vulnerabilities that could be exploited by hackers. Vulnerability scanning tools use a database of known flaws and test your security to see if your assets are at risk.

W

Web 2.0

Web 2.0 is an informal term applied to websites that allow true, two-way interaction between users and content. These types of website focus on ease-of-use, user-generated content, participation, and interoperability. Social media websites, Software as a Service (SaaS), and other web-based technologies are all good examples of Web 2.0.

Web Application Firewall

A web application firewall is a security service deployed to protect online applications. It monitors traffic to and from a web application and filters or blocks it if it meets, or fails to meet, certain criteria. A web application firewall differs from a traditional firewall because it monitors and controls traffic between specific online applications, rather than between servers.

Whitelist

A whitelist is a security feature that only allows access to systems, software, or data if the way the system is accessed is identical to the whitelist criteria. Whitelists are used to ensure only access meeting predefined filters or authorization is allowed access to sensitive areas.

Z

Zero Day Vulnerability

A zero day vulnerability is a brand new flaw in computer systems, code, or software that is unknown to the vendors, developers, or other parties that would be in a position to fix the code or patch the vulnerability. This is a significant risk as if these zero day vulnerabilities are detected by hackers, they can be exploited with little recourse.